CVE-2025-64139

A missing permission check in Jenkins Start Windocks Containers Plugin 1.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.

Published Oct 30, 2025

https://github.com/advisories/GHSA-mj6v-4wr4-gj57

CVSS ScoreMedium

4.3

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2025-64139

A missing permission check in Jenkins Start Windocks Containers Plugin 1.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.

Published Oct 30, 2025

https://github.com/advisories/GHSA-mj6v-4wr4-gj57

CVSS ScoreMedium

4.3


maven	org.jenkins-ci.plugins/windocks-start-container	1.4

Ecosystem	Package	Version


maven	org.jenkins-ci.plugins/windocks-start-container	1.4

Find vulnerabilities. Fix fast with AI.

CVE-2025-64139

CVE-2025-64139